How to create a Metamask Plugin

How to create a Metamask Plugin

What is It?

A Metamask plugin is a script that allows developers to customize the browser extension and introduce extra features with the help of powerful APIs. By default, the plugin system has zero privilege though, there are several methods in the snaps which enable a permission system a developer can offer to users according to the needs of a Dapp.

Why Snaps?

Everyday new protocols are introduced in the ecosystem, and their associated Dapp may require interacting with user accounts, or running a persistent script on the user’s behalf, either to monitor state, pre-process transactions, or serve up a new peer to peer file transport to different sites with a shared cache.

Dapp to Dapp, these requirements vary but with the current implementation of the Metamask, users are asked to install the extension and accept security-sensitive permissions. Also, if a dapp uses Metamask as their web3 provider it cannot introduce any additional features to the wallet.

After realizing that adding functionality is a powerful pattern, arguably the hallmark of open computing, Metamask introduced Snaps: The Metamask Plugin System.

How it works

A plugin script is able to add different functionalities by making API calls. Metamask introduced the wallet API, which is an extension of web3.currentProvider API and allows developers to build better permission systems.

For example, a file-sharing plugin doesn’t need to know what page you’re on, just what hash you want to load or set.

Different Plugin Ideas

Every plugin has the ability to provide its own API to the sites that a user visits, as well as to other plugins, allowing plugins to build upon each other, in a sort of decentralized dependency graph. For example, a state channel plugin might rely on a whisper plugin.

Smart Contract Security

Smart Contract Security is a huge issue, both because you can never be secure enough, and no matter how many layers of checks you add, you always have to ask who watches the watchmen? Plugins could add warnings or endorsements of accounts wherever MetaMask displays them.

ENS to resolve names

Decentralized name systems are an exciting opportunity for loading content outside of the traditional certificate authority system, and we don’t want to dictate what name systems a user can subscribe to!

Privacy protocols

Privacy-centric protocols require unique forms of cryptography, so rather than try to implement every kind of signing algorithm in existence and audit and merge them.

Developers can use the wallet.getAppKey() API to get a unique private key for their domain, generated from the user’s own seed phrase uniquely for the plugin’s origin, which is now treated as the authority for that key type. Developers can then use a JavaScript confirmation to get user consent for that type of signature.

Layer 2 Scaling

Metamask introduced a suite of plugins APIs that open Dapp development to decentralized agreements off the main Ethereum chain. For instance, switching from mainchain to sidechain requires user to perform manual switching. Snap's permission with the wallet.getAppKey() API or the wallet_manageAssets can help to automate this process.

APIs currently provided

.registerRpcMessageHandler(rpcMessageHandler)

Used to extend the MetaMask API exposed to Dapps. Developers can create their own APIs making this extendible and powerful.

.registerApiRequestHandler(handler)

Used to create responsive, event-driven APIs, that can be provided to the Dapp.

.onMetaMaskEvent(eventName, callback)

Just for beta purposes, exposes every event internal to the MetaMask controllers for Transactions, Networks, and Block tracking. Some are:-

tx:status-update: Be notified when the status of your transactions changes

latest: Be notified when new blocks are added to the blockchain

networkDidChange: Be notified when your selected network changes

newUnapprovedTx: Be notified with details of your new transactions

Developers can ask for permissions for the above in the following format:

"initialPermissions":{"metamask_newUnapprovedTx":{}}

.getAppKey()

Every Snap can request a unique secret seed based on hash(script_origin + user_private_key). It is available in the Snap globally as wallet.getAppKey(). This method returns a promise, which resolves to a 32 byte (64 character) hex-encoded string which is re-generated if the user were to have their computer wiped, but restored MetaMask from the same seed phrase.

.updatePluginState(yourStateToPersist)

Used to persist state to our data store in the browser.

.getPluginState()

Returns whatever the most recent value you passed to .updatePluginState(). Useful when first starting up your Snap to restore its state.

This should give you a message Server listening on http://localhost:8081. You can configure the port, and the build target is configured in snap.config.json, or with command-line arguments. You can now open that address in your browser, and if you have installed your Snap branch of MetaMask correctly, you should be able to see this:

Click the "Connect" button on the site.

Approve the site's permissions request (which includes the Snap installation!)

Approve the Snap's permissions request (which in this case is permission to show alerts to you, to send its message)

Click the "Send Hello" button to receive a greeting from the Snap.

Project structure

dist folder - minified/concatenated version of code used on production sites

bundle.js

bundled js file of snap

index.js

unminified snap code

package.json

Add permissions your plugin needs under the web3Wallet key

snap.config.json

Snap configuration

index.html

Interacts with the Snap using two basic API calls.

index.js

Add API methods to connect to websites from within a Snap. Also contains the Snap Code.

Article Author

0 Comments

Related Articles

Plasma Group’s Plasma Spec

TLDR: We created a spec for a Plasma Cash variant and implemented it in Node.js and Vyper. This document covers the design specification, providing references to the implementation along the way. Our code supports deploying a new chain to testnet, an on-chain registry of other plasma chains and their block explorers, and transacting via a command-line wallet. Introduction The vision of a network of blockchains as a scalability solution has been spreading rapidly. A multi-chain approach for paral

Documentation structure

Documentation structure applies to your documentation as a whole, and to each page. Lets start at the top and work down. There are different types of documentation your project might need. The terms I use to describe them below are just the terms I use, and others use different terms. The explanation of what they are is more important than what you decide to call them is up to you. Documentation types Getting started A Getting started guide is often a starting point with your project. It should